Lucene search
K
OceanicsoftValeapp

5 matches found

CVE
CVE
added 2024/09/27 12:0 p.m.60 views

CVE-2024-8608

CVE-2024-8608 corresponds to a Stored XSS in Oceanic Software’s ValeApp, caused by improper neutralization during web page generation. Affected: ValeApp versions prior to 2.0.0. Impact and exploit details are not provided beyond the XSS claim in the sources; mitigation guidance from PT-2024-39129...

7.2CVSS5.8AI score0.00277EPSS
CVE
CVE
added 2024/09/27 11:55 a.m.59 views

CVE-2024-8609

ValeApp (Oceanic Software) prior to version 2.0.0 has a vulnerability that allows insertion of sensitive information into log files, which can enable a query system for information. Impact and exact exploit details are not fully provided in the sources, but PT-2024-39130 notes that versions befor...

8.8CVSS5.8AI score0.00468EPSS
CVE
CVE
added 2024/09/27 11:48 a.m.52 views

CVE-2024-8644

ValeApp (Oceanic Software) is affected by a vulnerability described as cleartext storage of sensitive information in a cookie that allows protocol manipulation / JSON hijacking. The issue impacts ValeApp versions prior to 2.0.0. Likely impact is exposure of sensitive data via cookies and potentia...

9.3CVSS5.8AI score0.00266EPSS
CVE
CVE
added 2024/09/27 12:4 p.m.50 views

CVE-2024-8607

CVE-2024-8607 affects ValeApp by Oceanic Software, with the vulnerability lying in improper neutralization of special elements in SQL commands (SQL Injection) in ValeApp versions before 2.0.0. Reported impact aligns with high-severity scores (CVSS v3.1: 9.8, NETWORK, HIGH confidentiality/integrit...

9.8CVSS5.8AI score0.005EPSS
CVE
CVE
added 2024/09/27 11:53 a.m.47 views

CVE-2024-8643

The CVE-2024-8643 entry relates to ValeApp from Oceanic Software and is supported by PT-2024-39148 details: versions prior to 2.0.0 are affected by a Session Fixation flaw that enables Brute Force and Session Hijacking. The vulnerability description explicitly ties the issue to the authentication...

9.8CVSS5.8AI score0.0046EPSS